Dear list!
Is there any way to specify sasl-secprops separately for each transport type? For ldapi:/// is want "sasl-secprops noanonymous,noplain", and "sasl-secprops noanonymous,noplain,noactive" for the rest.
The idea is to require SASL GSSAPI for everyone with only exception for clients connecting via ldapi (like heimdal KDC) - they need SASL EXTERNAL.